Starts on July 27th

Register - It's Free

Fast, Focused & Taught By The Best

Videos From The Live Event + Bonus Video

Discourse Board For Students & Teachers


What You Need To Know To Contribute To ICS Cyber Risk Decisions

How is the OnRamp different than other ICS security training?

  • It’s faster. What you need to know to shape the future of ICS and IIOT security.
  • It’s focuses on today and the future … not the past.
  • You get 10 videos from top talent in ICSsec recorded at a one-time live event in Miami Beach.
  • You can ask questions of the teachers and talk with fellow students on the Discourse board.

Our goal with the OnRamp is to get a lot of people up to speed on ICS security.

How It Works

  • Every week for five weeks we will post two videos. Some of the sessions will have bonus materials from the teacher or from Dale.
  • Each video will include a question / assignment to get you thinking about the topic.
  • The Discourse board is where you can answer the question … and ask your questions to the instructors and fellow students.
  • The Discourse board and all of the videos will remain online for another five weeks, so if you get busy you can catch up.


Topics and Teachers

Know Your ICS – Marty Edwards

This lead off lecture will tell you what an ICS is and what it does. You will learn the key components and different types of ICS, and you will learn what type of information you should create and maintain to know your ICS.

Architecture – Dale Peterson

The architecture of ICS has a huge impact security. The models of today and the future will be revealed as well as how security controls are overlaid on these ICS architectures. 

Protocols – Adam Crain

ICS protocols monitor and control a physical process, and they are purpose built to do this. This session will show the basic features of these protocols, identify the common protocols and where they are used, and importantly talk about the secure ICS protocols that are being developed.

Low Impact/High Value Assessment Tools for ICS – Jason Holcomb

The horror stories of security scanning tools and other security assessment processes causing outages and worse in ICS are true. This session will teach you what not to do, but more importantly how you can use assessment tools effectively and safely on an ICS.

Safety and Protection Systems – Bryan Singer 

The TRISIS attack demonstrates that attackers are learning that safety systems are deployed to stop high consequence events. Learn the purpose of safety and protection systems, how they are the same and how they differ from ICS, safety / ICS integration practices, and the importance of adding cyber risk to your safety and protection studies.

Attacks & Threats – Rob Lee

With the barrage of FUD coming from the media, and many ICSsec experts, discover what you should learn from recent ICS attacks and known threat actors. And importantly, what should you prepare for in the next 1 – 3 years.

Detection & Response – Chris Sistrunk

Given the “insecure by design” problem with ICS protocols, apps and devices, protection is difficult if the attacker is past the cyber security perimeter. Detection is key to identify attacks early and response is necessary to prevent or limit the consequences. This is a fast-moving area in ICSsec. Learn what the leaders are doing today and will do tomorrow. 

Guidelines, Standards and Certifications – Jason Christopher

The acronyms around the sector, national and global “standards” can be daunting. Learn which ones are important; how they can be productively used; and which efforts to watch for the future.

Risk Management & Executive Communication – Patrick Miller

Asset owners are not truly interested in security; they care about managing risk. Much ICSsec activity today is busy work with little risk reduction. Learn how to make decision from a risk management approach, and importantly how to effectively communicate with executives and board members to get the support you need for an ICS security program.

Cloud Services – Bryan Owen

The buzz term “Cloud Services” definitely applies to ICS. It starts with Predictive Maintenance and Efficiency Services, and it will go to Operators-in-the-cloud and more. Learn what is here, what is coming, and how to make sure you have the appropriate security.